The Secretless Broker is a connection broker that relieves client applications of the need to directly handle secrets. When an application requires access to a Target Service such as a database, web service, SSH connection, or any other TCP-based service, rather than connect to the Target Service directly it can connect to the local Secretless Broker without credentials. Secretless Broker can be configured to retrieve credentials for each connection from any of several credential stores and inject the credentials into the connection request. Once the connection is made, Secretless Broker seamlessly streams the connection between the client and the Target Service. The Secretless Broker can coordinate connections to multiple Target Services in parallel.

In this section of the documentation, we will provide the motivation for why you should use the Secretless Broker, talk about how it works, and define some key terms. To find out more about currently supported Target Services, please take a look at our reference.

Ready to use Secretless Broker in your Kubernetes environment? Check out our Kubernetes tutorial or our deployment guides!